3.8.4 & 3.8.5 Registration Vulnerability

[a9713030]

Code:

=========================================================
vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability
=========================================================

   010101010101010101010101010101010101010101010101010101010  
   0                                                       0
   1  Iranian Datacoders Security Team 2010                1
   0                                                       0
   010101010101010101010101010101010101010101010101010101010
  
 
# Exploit Title: vBulletin 3.8.4 & 3.8.5 Around Registration Vulnerability
# Date: 29/08/2010                           
# Author: Immortal Boy                    
# Software Link: http://www.vbulletin.org
# Version: 3.8.4 & 3.8.5
# Google dork 1 : powered by vBulletin 3.8.4
# Google dork 2 : powered by vBulletin 3.8.5
# Platform / Tested on: Multiple
# Category: webapplications
# Code : N/A
  
#  BUG :  #########################################################################
  
1 > Go to Http://[localhost]/path/register.php
 
2 > Assume that forum admin user name is ADMIN
 
3 > Type this at User Name ===> ADMIN&#00
 
4 > &#00 is an ASCII Code
 
5 > And complete the other parameters
 
6 > Then click on Complete Registrarion
 
7 > Now you see that your user name like admin user name
  
After this time the private messages to the user (ADMIN) to sending see for you is sending .
 
 
#  Patch :  #######################################################################
 
1 > Go to AdminCP
 
2 > Click on vBulletin Options and choose vBulletin Options
 
3 > Choose Censorship Options
 
4 > type &# in Censored Words section
 
5 > Then click on Save
 
#############################################################################
 
Our Website : http://www.datacoders.ir
  
Special Thanks to : H-SK33PY , NEO , Sp|R|T , BigB4NG , 3r1ck , Dr.mute ,
 
hosinn , NIK , uones , mohammad_ir &  all iranian datacoders members
  
#############################################################################

how to fix the bug?

[JamesC70]

<a href="http://www.vbulletin.com/forum/showthread.php?361721-Security-flaw-found-in-vBulletin-versions-up-to-3.8.5-inclusive" target="_blank">http://www.vbulletin.com/forum/showt....8.5-inclusive</a>

A temporary fix is detailed in the above thread. Or you can move up to 3.8.6 PL1, which isn't affected by this.

[a9713030]

a9713030, you do not have permission to access this page. This could be due to one of several reasons:

Your user account may not have sufficient privileges to access this page. Are you trying to edit someone else's post, access administrative features or some other privileged system?
If you are trying to post, the administrator may have disabled your account, or it may be awaiting activation.

--------------- Added [DATE]1284977866[/DATE] at [TIME]1284977866[/TIME] ---------------

can you post the content here?

[JamesC70]

I linked to vbulletin.com, not vbulletin.org -- be sure you're using the correct login credentials. (As long as you have a legitimate vBulletin license, obtaining login credentials for vbulletin.com shouldn't be a problem.)

This website is for add-ons, modifications, etc that are NOT in the code vBulletin code. Technically, discussion about a perceived flaw in core vBulletin code would be off topic on vbulletin.org.... it belongs on vbulletin.com.

[a9713030]

i have bought vbulletin liscence from forum.vbulletin-china.cn , but i have not vbulletin.com privileges so i can not see the content even i have register the vbulletin.com ，i have asked the customservice, it says that buy from vbulletin.org only can get privileges at vbulletin.org,

and they vbulletin.org is for united states and other country except europe,
vbulletin.com is for uk , and europe,
i really need to download something or add-ons on vbulletin.com, it refused me
,my username on vbulletin.com is aslo a9713030
i don;t know why a company have this terrible management, it don't think for custom,

[Lynne]

You cannot 'buy' from vbulletin.org. You can 'buy' from vbulletin.com.

vbulletin.com doesn't have terrible management because you can't follow the instructions that say to use the *exact* same email to register with that you use for your license email.

[a9713030]

i have bought from vbulletin-china.cn,
it can not open for a year,what happen, where you are?

where i use vBulletin C9299598A1B7 login to www.vbulletin.com it says

Something Went Wrong!
error_wrong_distributor_chinese
If you believe this should not have happened, please contact us.
it is nightmare !!!!

[JamesC70]

Quote:

Originally Posted by a9713030

i have bought from vbulletin-china.cn,
it can not open for a year,what happen, where you are?

where i use vBulletin C9299598A1B7 login to www.vbulletin.com it says

Something Went Wrong!
error_wrong_distributor_chinese
If you believe this should not have happened, please contact us.
it is nightmare !!!!

Then click the "Contact Us" link where you see that message. This will route your complaint to the proper people at vBulletin.com.

The error message itself means that your license cannot be verified. This could be due to poor recordkeeping at vbulletin-china.cn, or because the license was revoked due to piracy. We can't help you on vbulletin.org with this, you need to clear things up with vbulletin.com.

[TNCclubman]

you posted the solution on how to fix the bug yourself.

1 > Go to AdminCP

2 > Click on vBulletin Options and choose vBulletin Options

3 > Choose Censorship Options

4 > type &# in Censored Words section

5 > Then click on Save